PRIMA: Policy-Reduced Integrity Measurement Architecture

Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Volumn 2006, Issue , 2006, Pages 19-28

  Jaeger, Trent ^a   Sailer, Reiner ^b   Shankar, Umesh ^c  

^a PENNSYLVANIA STATE UNIVERSITY   (United States)

^b IBM T J WATSON RESEARCH CENTER   (United States)

^c UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

Clark Wilson Lite integrity; Information flow; Remote attestation

Indexed keywords

CLARK-WILSON LITE INTEGRITY; INFORMATION FLOW; REMOTE ATTESTATION;

COMPUTER ARCHITECTURE; COMPUTER HARDWARE; COMPUTER OPERATING SYSTEMS; DATA FLOW ANALYSIS; REMOTE CONTROL; TIME MEASUREMENT;

INFORMATION MANAGEMENT;

EID: 33748062337     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (24)

1. Martin Abadi, Edward Wobber, Michael Burrows, and Butler Lampson. Authentication in the taos operating system. In Proceedings of the 14th ACM Symposium on Operating System Principles, pages 256-269, The Grove Park Inn and Country Club, Asheville, NC, 1993. ACM Press.
2. National Security Agency. Security-Enhanced Linux. http://www.nsa.gov/ selinux/.
3. W. Arbaugh, D. Farber, and J. Smith. A secure and reliable bootstrap architecture, 1997.
4. K. J. Biba. Integrity considerations for secure computer systems. Technical Report MTR-3153, Mitre Corporation, Mitre Corp, Bedford MA, June 1975.
5. th National Computer Security Conference, Gaithersburg, Maryland, 1985.
6. D. D. Clark and D. R. Wilson. A comparison of commercial and military computer security policies. In In Proceedings of the 1987 IEEE Symposium on Security and Privacy, Oakland, California, April 1987.
7. MITRE Corporation. MITRE - Security-Enhanced Linux, http://www.mitre.org/ tech/selinux/.
8. Tresys Corporation. SETools Policy Tools for SELinux. http://www.tresys.com/selinux/selinux_policy_tools.shtml.
9. Dorothy E. Denning. A lattice model of secure information flow. Commun. ACM, 19(5):236-243, 1976.
10. Paul England, Butler W. Lampson, John Manferdelli, Marcus Peinado, and Bryan Willman. A trusted open platform. IEEE Computer, 36(7):55-62, 2003.
11. H. Maruyama et al. Trusted platform on demand. Technical Report RT0564, IBM TRL, 2004.
12. Timothy Fraser. Lomac: Low water-mark integrity protection for cots environments. In In Proceedings of the 2000 IEEE Symposium on Security and Privacy, page 230, Washington, DC, USA, 2000. IEEE Computer Society.
13. Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, and Dan Boneh. Terra: A virtual machine-based platform for trusted computing. In Proceedings of the 19th Symposium on Operating System Principles(SOSP 2003), October 2003.
14. Trusted Computing Group. Trusted Computing Group: TPM. https://www.trustedcomputinggroup.org/groups/tpm/.
15. Trent Jaeger, Reiner Sailer, and Xiaolan Zhang. Analyzing integrity protection in the SELinux example policy. In Proceedings of the 12th USENIX Security Symposium, pages 59-74. USENIX, August 2003.
16. Trent Jaeger, Reiner Sailer, and Xiaolan Zhang. Resolving constraint conflicts. In SACMAT '04: Proceedings of the ninth ACM symposium on Access control models and technologies, pages 105-114, New York, NY, USA, 2004. ACM Press.
17. Niels Provos, Markus Friedl, and Peter Honeyman. Preventing privilege escalation. In Proceedings of the 12th USENIX Security Symposium, Washington, DC, USA, August 2003.
18. David Safford. Trusted linux client, http://www.acsa-admin.org/2004/ workshop/David-Safford.pdf.
19. Reiner Sailer, Trent Jaeger, Xiaolan Zhang, and Leendert van Doom. Attestation-based policy enforcement for remote access. In CCS '04: Proceedings of the 11th ACM conference on Computer and communications security, pages 308-317, New York, NY, USA, 2004. ACM Press.
20. Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn. Design and implementation of a TCG-based integrity measurement architecture. In Proceedings of the 13th USENIX Security Symposium, August 9-13, 2004, San Diego, CA, USA, pages 223-238, 2004.
21. th Annual Network and Distributed Systems Security Symposium. Internet Society, 2006.
22. Elaine Shi, Adrian Perrig, and Leendert van Doorn. BIND: A fine-grained attestation service for secure distributed systems. In In Proceedings of the 2005 IEEE Symposium on Security and Privacy, pages 154-168, 2005.
23. Sean W. Smith. Outbound authentication for programmable secure coprocessors. In ESORICS '02: Proceedings of the 7th European Symposium on Research in Computer Security, pages 72-89, London, UK, 2002. Springer-Verlag.
24. Chris Wright, Crispin Cowan, Stephen Smalley, James Morris, and Greg Kroah-Hartman. Linux Security Modules: General Security Support for the Linux Kernel. In Proceedings of the 11th USENIX Security Symposium, San Francisco, CA, USA, August 2002.